Globus
From Nuclear Physics Group Documentation Pages
Jump to navigationJump to searchGlobus is a toolkit for transferring data. Detail are found on their website: Globus Toolkit
Configuration on Taro
Software is installed from RPM, but configuration is still to be done. The main issue here is that the Great Firewall of UNH blocks all the incoming Globus traffic. Duh.
What turns out IS possible is to run a "globus personal endpoint". Useful instructions are at: Command Line Installation for Linux
wget https://s3.amazonaws.com/connect.globusonline.org/linux/stable/globusconnect-latest.tgz tar xzf globusconnect-latest.tgz cd tar xzf globusconnect-xxx ssh maurik@cli.globusonline.org endpoint-add taro_personal --gc ./globusconnectpersonal -setup 2a0a5d39-a534-4fe7-b78a-acdb00542c52 ./globusconnectpersonal -start &
At this point you can activate the connection from the command line (endpoint_activate) or from the Web interface.
Add a user
Example of how to add a user to the globus system.
su - -s /bin/sh myproxy -sh-3.2$ whoami myproxy -sh-3.2$ -sh-3.2$ PATH=$PATH:/usr/sbin -sh-3.2$ myproxy-admin-adduser -c "Maurik Holtrop" -l maurik ... Certificate subject is: /O=Grid/OU=GlobusTest/OU=simpleCA-taro.unh.edu/OU=local/CN=Maurik Holtrop -sh-3.2$exit root@taro:~>grid-mapfile-add-entry -dn "/O=Grid/OU=GlobusTest/OU=simpleCA-taro.unh.edu/OU=local/CN=Maurik Holtrop" -ln maurik Modifying /etc/grid-security/grid-mapfile ... /etc/grid-security/grid-mapfile does not exist... Attempting to create /etc/grid-security/grid-mapfile New entry: "/O=Grid/OU=GlobusTest/OU=simpleCA-taro.unh.edu/OU=local/CN=Maurik Holtrop" maurik (1) entry added root@taro:~>
Add an iptable exception
iptables -I INPUT 8 -p tcp --dport 7512 -j ACCEPT iptables -I INPUT 8 -p tcp --dport 2811 -j ACCEPT
Installation steps
Steps performed on 2015/02/15
- Update the globus toolkit from website instructions, starting with the downloaded rpm.
- Follow steps in:Quick Start
- Note: The myproxy etc have duplicates as shown by: "yum --showduplicates list myproxy | expand", this causes library version conflicts.
- Install the gt6 version with: "yum install myproxy-6.1.8-1.el5+gt6 myproxy-server-6.1.8-1.el5+gt6 myproxy-admin-6.1.8-1.el5+gt6"
- Install the simple certificates: globus-simple-ca globus-gsi-cert-utils-progs
- Now /usr/local/globus-5.0.5/bin/grid-cert-diagnostics shows a proper cert.
Specific steps performed:
rpm --install globus-toolkit-repo-latest.noarch.rpm yum install globus-gridftp globus-gram5 globus-gsi yum install myproxy-6.1.8-1.el5+gt6 myproxy-server-6.1.8-1.el5+gt6 myproxy-admin-6.1.8-1.el5+gt6 install -o myproxy -m 644 /etc/grid-security/hostcert.pem /etc/grid-security/myproxy/hostcert.pem install -o myproxy -m 600 /etc/grid-security/hostkey.pem /etc/grid-security/myproxy/hostkey.pem emacs -nw /etc/myproxy-server.config # Uncomment sample policy #1 usermod -a -G simpleca myproxy service myproxy-server start su - -s /bin/sh myproxy
